Cybersecurity Weekly: Model response to cyber attack, Ecuador data leak, whistleblower phishing site

Infosec_SamInfosec_Sam Security+, CCENT, ITIL Foundation, A+Madison, WIAdmin Posts: 519 Admin
edited September 2019 in Security News & Breaches
Arizona schools demonstrate the model response to a malware attack. A marketing analytics company leaks deep profiles of the entire Ecuador population. A new phishing attack targets the whistleblower submission site for The Guardian. All this, and more, in this week’s edition of Cybersecurity Weekly.


1. Arizona schools provide model for managing ransomware

On Wednesday, September 4, 2019, ransomware was discovered at Flagstaff Unified School District in Arizona. Schools were closed on Thursday and Friday of that week, but reopened after the weekend. No ransom was paid, and only two school days were lost. This case is a great example of how to prepare for and mitigate the effects of ransomware.
Read more »

2. Your users aren’t the weakest link — they’re integral to your security program

As a security concept, zero trust is based on the principle that organizations should never automatically trust anything inside or outside their perimeters. Instead, they must verify everyone and everything trying to connect to their systems before granting access. This is a responsibility held by everyone, and it requires a unified effort to be successful.
Read more »

3. Marketing analytics company leaks deep profiles of entire Ecuador population

A marketing analytics company just leaked personal information from the entire population of Ecuador. The leaked database includes records gleaned from Ecuadorian government registries, an automotive association and the Ecuadorian national bank. These leaked records included full names, date of birth, address, email address, phone numbers and taxpayer IDs.
Read more »

4. Phishing attack targets The Guardian’s whistleblowing site

The Guardian’s SecureDrop whistleblower submission site was mimicked by a phishing page that attempted to harvest the unique code names of its sources. Once the attackers gain access to a source’s codename, they can login to The Guardian’s real SecureDrop site and steal information and communications.
Read more »

5. U.S. sues Edward Snowden over his memoir

The former IT contractor turned whistleblower failed to get government clearance for the book’s allegedly sensitive material and is now being sued for violation of non-disclosure agreements. the U.S. Attorney’s Office said it aims “to recover all proceeds earned by Snowden because of his failure to submit his publication for pre-publication review.”
Read more »

6. The defender’s dilemma

Officials at the Homeland Security Department think they can bring more of that limited cyber talent into government by flipping the hiring process on its head. The Cyber Talent Management System, set to debut in early 2020, will do away with entire General Schedule system and give Homeland Security officials more flexibility in the jobs, salaries and benefits.
Read more »

7. Researcher drops phpMyAdmin zero-day affecting all versions

The flaw was given a medium rating because of its limited scope that only allows an attacker to delete any server configured in the setup page of a phpMyAdmin panel on a victim’s server. However, the vulnerability is trivial to exploit because other than knowing the URL of a targeted server, an attacker doesn’t need any other information, like the name of the databases.
Read more »

8. Emotet returns from summer vacation, ramps up stolen email tactic

Less than a month after reactivating its command and control servers, the Emotet botnet has come to life by spewing spam messages to countries around the globe. To protect against this revival of Emotet, people should employ strong passwords, opt in to multi-factor authentication and keep an eye out for unexpected email messages.
Read more »

9. 125 new flaws found in routers and NAS devices from popular brands

According to security researchers, all of the widely-used devices they tested had at least one web application vulnerability that could allow an attacker to gain remote shell access or access to the administrative panel of the affected device. These vulnerabilities include cross-site scripting (XSS), cross-site request forgery (CSRF), SQL injection and several others.
Read more »

10. Gamification: A winning strategy for cybersecurity training

Studies show that 90% of data breaches are caused by human error — usually caused by a phishing campaign or similar attack. As a result, employee security awareness training has come under sharp focus as companies work to combat the ongoing epidemic of cybercrime. So how can these companies get their employees to care about the training? Enter, gamification.
Read more »

Community Manager at Infosec!
Who we are | What we do

Comments

  • JDMurrayJDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USAAdmin Posts: 11,938 Admin
    Is anybody besides me reading (listening to, actually) the Ed Snowden book? I haven't found "the good stuff" yet. The first five chapters are Snowden's childhood back-story filler that I'm not interested in. I need to skip ahead a bit.
  • Infosec_SamInfosec_Sam Security+, CCENT, ITIL Foundation, A+ Madison, WIAdmin Posts: 519 Admin
    JDMurray said:
    Is anybody besides me reading (listening to, actually) the Ed Snowden book? I haven't found "the good stuff" yet. The first five chapters are Snowden's childhood back-story filler that I'm not interested in. I need to skip ahead a bit.
    Reading through the details on this story has made me want to pick up the book, but I haven't gotten around to it yet. I watched a couple of his recent interviews, and it really seemed like he had his thoughts well put-together, so his book is definitely on my list.
    Community Manager at Infosec!
    Who we are | What we do
Sign In or Register to comment.